Cyber gene identification technology based on entity features in cyber space

ABSTRACT

A new identification (ID) technology comprising unified and standardized object identification within Cyber Space is disclosed based upon intrinsic properties of the entity to be identified. This Cyber Gene ID (or Cyber ID) technology extracts intrinsic information from either the physical users or their cyberspace counterparts, and such information is categorized into client parameters, dynamic parameters, static parameters, cloud parameters, connection parameters and user parameters.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a Continuation of U.S. application Ser. No.13/207,602, filed Aug. 11, 2011, entitled “ CYBER GENE IDENTIFICATIONTECHNOLOGY BASED ON ENTITY FEATURES IN CYBER SPACE ” and which isincorporated herein by reference and for all purposes.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a new identification technology thatachieves unified and standardized object identification within CyberSpace. This technology achieves those mentioned above by extractingintrinsic information from either the physical user or their cyberspacecounterpart. Such information is categorized into client parameters,dynamic parameters, static parameters, cloud parameters, connectionparameters and user parameters. This ID (identification) technology isbased upon intrinsic properties of the entity to be identified, and wewill call this Cyber Gene ID (or Cyber ID).

Using this technology, a person can achieve one to one projection ofobjects within the Physical Space and objects within the Cyber Space.Such projection will also be two way and can be used to solve currentcore IT (information technology) issues such as Trusted ID, informationsecurity, network security, network credibility, privacy protection,etc.

2. Description of the Related Art

With the continuous development of information technology, thecyberspace within Cyber Physical Systems has been in an anonymous andchaotic state. Service providers have little information about users,and users cannot trust each other either. Thus services that can beprovided to users are limited due to this nature. As the Internetevolves into forms such as IOT (Internet of Things), ubiquitous network,cloud computing, mobile broadband and SaaS (Software as a Service), theissue has become increasingly prominent and visible, with growingnegative impact. From the perspective of commercialization, the numberof solutions that focus on local optimization while ignoring globalefficiency and impact is also on the rise. The whole networked world isbecoming more complex, confusing and costly to maintain. Achieving aunique identity authentication protocol in cyber physical system is thebest way to solve the existing problems.

For many years, there have been numerous attempts at solving the problemwithin Cyber Physical Systems (CPS). They include but are not limited toIP (internet protocol) addressing, el 63\164 standard, RFID (radiofrequency identifier), URL (Uniform Resource Locator), private protocoletc. But they have not solved the problem of standardization andubiquity. Those solutions are also highly localized and tailored towardsspecific types of objects and are not suited for universal deployment.

SUMMARY OF THE INVENTION

The present invention discloses a method of recognizing cyber spaceobjects by using the natural properties of a cyber-entity (a logicalentity that exists independently, and has user properties andinformation consumption/production properties). It has the universal andnatural ability to uniquely identify a user, with functions similar tothe biological gene, thus being called “cyber gene”.

For example, the PC (personal computer)—based IP address can't uniquelyidentify a cell phone, but cell phones will be taking the roles ofmobile computers in the future. Standards such as E163 and E164 can'tuniquely identify a car (In the future, vehicles with computing powerswill also be part of the cyber physical space). RFID (radio frequencyidentifier/identification) is also widely used for “identification”, butit is only a tag rather than a trusted ID. Many other costs andfunctions are needed at the same time. But in the cyber gene-basedinvention and discovery, we creatively construct the GID (GlobalIdentification), which can better solve the problems that can't besettled by RFID and other methods.

Therefore, those single-dimensional criteria can neither uniquelyidentify certain objects (insufficient information), nor realize unifiedauthentication for diversified entities or even multiple forms of thesame user under different conditions. In addition, it is impossible tocomprehensively analyze the user behaviors and share user information.It is also difficult for cyber systems to obtain authentication fromtrusted organizations such as the government, resulting in the stagnantapplication and development of a trusted ID system.

There also exists many disadvantages with optical identification (suchas barcodes) and electromagnetic identification (such as RFID)technologies, such as high TCO (Total Cost of Ownership), easy damageand wear, non-persistency and poor anti-interference. In today's worldwhen the Internet of Things, Ubiquitous Network and Internet arerequired to be deeply transparent, it is an urgent issue to identify thecyber entity in a trustworthy, standardized and unique manner. This isbecoming a core problem regarding information strategies in manycountries.

Presently, no cyber identification and recognition technology that isapplicable to all systems has been discovered. The modern CS (cyberspace) applications require the mutual mapping and binding for CS and PS(Physical Space) entities. Their real identities and cyber identitiesare unique and corresponding to each other, thus realizing the uniqueidentification and recognition of the trusted ID. Through practice andresearch on some typical cases, the present invention has discoveredthat the ID structure of an entity may be completely identified by usingthe structural patterns of a cyber-entity among the client, connectionand cloud (C³) data. This ID structure makes sure that there are no twoidentical cyber entities. By identifying and verifying the uniqueidentity by means of a multi-dimensional matrix constructed by theintrinsic data relations, it differentiates the combination of metadatain a C³ protocol stack sequence structurally from that of metadata inother C³ protocol stack sequences. The technical principle as mentionedin the present invention may apply to any system that requires cyberidentification and certification, and it has been proved in practicalapplications with typical cyber entities such as mobile, personalcomputer, automobile client and cyber users. Positive results have beenobtained in terms of the positioning, tracking, identification, sourcingand anti-counterfeit of the identification-related “real names”. Itproves that the technology of the present invention is able to realizethe unique identification and accurate verification of the client. Inparticular, when some parameters of the client is changed, such as inIMEI (International Mobile Equipment Identity) or SIM (SubscriberIdentity Module) number of mobile, it is still able to identify theclient from the network, thus providing comprehensive businessapplication capabilities while integrating the positioning, privacy andcredibility.

According to the metadata sets in the natural C³ protocol stack of acyber entity, the principles of free scale and the six degrees ofsegmentation between them, the present invention discovers a structuraldata relationship that distinguishes one cyberspace entity from otherentities. Furthermore, the ID data set and structural data relations areused as the “digital DNA” or “cyber DNA” of the cyber entity. Throughthis method, we find that there are no two identical cyber entities,even if they were of the similar type of client, PC, automobile andelectronic devices manufactured by the same manufacturer. This is thecyber gene principle as mentioned in the present invention.

According to cyber gene principles, more objective and extensiveinformation can be obtained by adding various natural properties (userparameter, dynamic parameter, static parameter, client parameter,connection parameter and cloud parameter) that can be perceived by userswithin the connotation scope of the gene (digital DNA). The extendedinformation may help us trace back to the cyber digital gene from theapplication features. We vividly compare this method to “communicationfingerprint” or “cyber digital gene”. It realizes the expression ofapplication-oriented features such as objectiveness, intelligence,uniqueness, security and privacy protection.

Based on the considerations above, the present invention defines thefollowing basic terms first:

Cyber entity: a logical entity that has independent purposes andmanagement properties in the cyber space such as a set of data, networkelement, client, user profile or the combination thereof.

Protocol stack: individuals of various protocol stacks, protocol stacksequences and protocol stack sequence sets according ISO/OSI(International Organization for Standardization/Open SystemsInterconnection model) system structure, and the permutation andcombination thereof. The protocol stack also includes various protocolparameters and key data (such as facilities) inside all protocol stacks,and parameters for describing the protocol functions which comprise:

Cyber ID: abbreviation of identification generated according to thecyber gene principles.

IP: Internet protocol

{right arrow over (I)}₁: an space-time independent array of data thatbelongs to the static parameters of the user or cyber entity.

{right arrow over (I)}₂: an space-time dependent array of data thatbelongs to the dynamic parameters of the user or cyber entity.

{right arrow over (I)}₃: an array of data that reflects the cyberbehaviors features of the user or cyber entity.

{right arrow over (C)}₁: a client parameter array at the client side inCS that is related to user or cyber entity.

{right arrow over (C)}₂: a connection parameter array at the networkside in CS that is related to the user or cyber entity. For example,information on the parameters that describes the entity uniqueness in aprotocol stack regarding the features of the user or cyber entity.

{right arrow over (C)}₃: a cloud parameter array at the cloud side in CSthat is related to the user or cyber entity.

F_(DNA): a multi-dimensional matrix that constitutes the cyberstructural ID, or the function value of cyber ID (Cyber ID).

This “structural ID” includes feature elements of the client, connectionand cloud protocol stack sequence and some information relationsexpressed according to the 3×3 parameter matrix constructed up bydynamic and static parameter segmentations related to the user. First ofall, the framework is a complete set because from the perspective ofinformation communication, any cyber space activity can be described assome kind of combination and permutation of a few clients, connectionsand cloud protocol stacks. They may be divided into three categoriesthat are related to the user regardless of whether they are independentor dependent on time. They are the client, connection and cloud protocolstack horizontally and Layer 1˜7+Layer 8 (Application & Service)longitudinally. The information of all cyber entities falls within thisscope, and the feature data in C³ track of any cyber entity are allcovered. The structural relations between the key metadata on differentdimensions can be established in the framework. These data and relationsare objective and intrinsic of the entity, therefore, the metadata thatare constructed by these randomly selected ID data sets form a novel,natural multi-dimensional code block and a multi-dimensional matrix thatcan express the unique identity features of an entity, which is a “cyberDNA” structure, i.e. cyber ID.

Through intelligently perceiving or obtaining the knownmulti-dimensional property information of a user (user parameter,dynamic parameter, static parameter, client parameter, connectionparameter and cloud parameter), The present invention objectivelygenerates a unique structural identification relationship that mayrepresent an entity according to the principle of “six degrees ofsegmentation” and reasonable division of the dynamic, static and userfeature data structures from the “client, connection and cloud” protocolstack. The structural multi-tuple relationship is similar to themulti-dimensional code, and the difference is that its metadata are allfrom the entity. At the same time, these metadata and their relationsare all natural and objective, which are not artificially defined, hencetheir inherent standardization.

The information communication (or behavior track) process and scope ofany cyber entity in cyber space can only fall within the scope of C³ andits combination. The multi-tuple data extracted or sampled from thedynamic and static parameters at different time and different dimensionsare natural and objective. For specific cyber entity, its “functionvalue” is verified to be static and the gene functions or gene-tupleformed based on these natural parameters constitute the objective cyberID.

Such unique structural ID realizes features such as non-duplicability,uniqueness (overcoming the disturbance from changes of few factors [suchas number and client changes]) and persistency. The cyber ID based onthe user's objective element information is constructed by means of theknown and intrinsic data and implicit data relations, which is vividlycompared to cyber digital DNA. It realizes the objectiveness,trustworthiness, uniqueness, security, completeness and privacyfunctions of the user and cyber entity in the cyber space.

The overall technology of Cyber ID is divided into generation andrecognition processes.

All these and other introductions of the present invention will becomemuch clear when the drawings as well as the detailed descriptions aretaken into consideration.

BRIEF DESCRIPTION OF THE DRAWINGS

For the full understanding of the nature of the present invention,reference should be made to the following detailed descriptions with theaccompanying drawings in which:

FIG. 1 discloses a flow diagram of cyber ID information extraction andID sequence generation.

FIG. 2 is a multidimensional matrix corresponding to the cyber spaceformed from the mapping relation.

Like reference numerals refer to like parts throughout the several viewsof the drawings.

DESCRIPTION OF THE PREFERRED EMBODIMENT

The present invention will be described more fully hereinafter withreference to the accompanying drawings, in which some examples of theembodiments of the present invention are shown. Indeed, the presentinvention may be embodied in many different forms and should not beconstrued as limitation to the embodiments set forth herein, rather,these embodiments are provided by way of example so that this disclosurewill satisfy applicable legal requirements. Like numbers refer to likeelements throughout.

The following specification for the implementation of the presentinvention is made based on the attached drawings.

1. Information Extraction and Cyber ID Generation Process

FIG. 1 gives a flow diagram of cyber ID information extraction and IDsequence generation.

Cyber ID is subject to the structure of ID function and multidimensionalmatrix. ID sequence is formed from a 3×3 parameter matrix (step 104)constructed by user parameters, dynamic parameters, static parameters,client parameters, connection parameters and cloud parameters (step 102)via pre-defined mapping rules. The structural logic information of cyberID is derived from the actual data relation of five types of propertiesof entities inside the cyber space, i.e. “connection property, cloudproperty, behavior property, content property and security property”.The array of static parameters that define personal features of a humanbeing or an object does not change with time and space. For example,take the car as the user. The static parameters include VIN (vehicleidentification number), engine number, sales manufacturer, sales initialmileage, etc. In case of a human user, the static information parametersinclude the SSN (social security number), ID information, socialrelations information, PIM (personal information management), CV(curriculum vitae), etc.

The array of dynamic parameters that define the user and does changeswith time or space, is, for example, {name, password} pair, personalinformation (PI), cyber access point, access conditions, etc. The arrayof user parameters defining the behavioral characteristics of the useris, for example, network footprint, spending habit, position trace, etc.Array is defined by client parameters from the system and client levelrelated to the user. For example, the address book in the client,software and hardware configuration information of the client, widgetfolder, etc, that indicate which kind is the object or the user, etc.Array is defined by connection parameters from the network level,including network access type, address-like information, networkfacilities (which can extract a great deal of unique information fromthe protocol stack), DPI (deep package inspect), communication strategy,position, service facilities, roaming mechanism, etc. Array is furtherdefined by cloud parameters from the service level, indicating type ofuser service, QOE (Quality of Experience), security level, applicationenvironment, etc. These objective system property parameters compriseinformation of all aspects such as network transmission and serviceapplication.

Based on the multidimensional matrix (step 106) constructed by theseobjective information, this matrix is a 3×3 type multidimensionalmatrix. The vectors of user parameter, dynamic parameter and staticparameter are the columns and the vectors of client parameters,connection parameters and cloud parameters are the rows. Client is alsodivided into user, dynamic and static parts. Connection is also dividedinto user, dynamic and static network parameters. Cloud also consists ofuser features, dynamic and static parameters of service level.

The parameter value of each dimensionality may be Boolean value, dataset, data structure, relation and the said combination, etc. Accordingto the feature requirements of different clients, the 3×3 matrix formedby the value and relations of the elements on each vector will be storedin the cloud server (step 108) of service client, with or withoutconversion. Any cyber entity may upload its dynamic parameters to thecloud server through real time online function to modify thecorresponding parameters in the multidimensional matrix in a real timemanner. In the meantime, the structure of cyber ID may also change withthe parameters in the matrix.

Since the user parameters, dynamic parameters, static parameters, clientparameters, connection parameters and cloud parameters (step 102) areall derived from the expression of a physical entity or logical entityin cyber space (such as the whole stack sequence in accordance withISO/OSI protocol stack), they are an objective mapping of the physicalentity or logical entity in the cyber world. In the logical framework ofthe 3×3 parameter matrix, there are many inherent, intrinsic anddistinctive connections among and within data in the nine cells of thematrix. It is in these connections that a stable relation is formedgradually. We can gather these intrinsic relations among data and thenapply the six degrees of segmentation principle and small world theoryto form a unique data structure with certain values. Those values arethen mapped to cyber space (step 104 to step 108), so the one to oneprojection and binding relation of the physical world and the cyberworld are achieved. Consequently, attributes of cyber ID, such asobjectiveness, uniqueness, security, feasibility and completeness areestablished.

2. Cyber ID Recognition Process

FIG. 2 is a multidimensional matrix that is corresponding to the cyberspace formed from the mapping relation randomly sampled by a thirdentity. By comparing it with the multidimensional matrix of cyber IDformed from the 3×3 parameter matrix, unique ID recognition can beachieved.

Any users (202) in the physical world, either a human being or anobject, can acquire and upload its parameter information such as userparameters, dynamic parameters, static parameters, client parameters,connection parameters and cloud parameters to the cloud server accordingto ID forming process (step 204). The cloud server takes samples of theuploaded data according to the application needs (fraud proof,anti-theft, authentication and charge, etc.) (step 208) by forming alist of all parameters (step 210). Rebuilding a multidimensionalsub-matrix according to the data in the list and this sub-matrix is acertain sub-matrix of multidimensional matrix forming the cyber ID,which may be “sparse matrix” after sampling (step 212). Comparing thesampled sub-matrix with the multidimensional matrix formed through theCyber ID forming process to achieve verification (step 216). If thesampled sub-matrix is coincident with a certain part of themultidimensional matrix formed through the generation process and storedin the cloud sever, i.e. the data and data structure in themultidimensional matrix or the relation among data matches, thenmatching ID will be the output (step 218). Thus, unique ID recognitionprocess is finished. During the whole process, the data collected iscomplete, which can reflect the features and characters of all aspectsof entity.

Further Implementation Details

The cyber ID technology disclosed by the present invention impactsidentification procedure for elements in the cyber systems such asequipment, standards, the processing, transportation, management andcontrol of information. The technologies covered include from simpletechnologies to advanced technologies and from cyber entity, client,connection and cloud, regardless if it is in a dynamic environment orstatic environment. The object of the present identification andrecognition technology has the features of both CS and PS owners and hasunique mapping of real name and anonymity in CS and PS, thus it isglobal cyber digital gene identification system in CS and informationalPS.

The present invention solves the problem of cyber entity trusted IDrecognition in the field of cyber and physical system (CPS), IOT(internet of things). The mapping between physical space (PS) and cyberspace (CS) and the inter-mapping between real name and fake name in thePS and CS (real name and real name, real name and fake name, fake nameand real name, fake name and fake name) can be achieved by using thismethod. It is possible to comprehensively describe the property of eachcyber entity in an objective manner in CS. In the meantime, according tothe actual requirements and background, the network efficiency and someonline functions (for example, using the security mechanism of cybergene technology for encryption and privacy, global network positioning,global unique identification, personalized trace and monitoring,multiple identification system (SSO: signal sign on), good faithtransaction and payment, intelligent cloud computing sharing platform,etc.) may be enhanced greatly, thus forming the core foundation of allkinds of solutions in the application of next generation CPS andInternet of Things.

The cyber ID abstracted by using the structural information of cyberpersonalized entity in the client, connection and cloud system sharesthe features with biological genes. First of all, it is objective andunique. Then it is safe, has privacy protection and is intelligent. Itcan be used as a unique technical method to identify any entity in cyberspace, and to solve the current inseparable problem of address andidentification and many problems that are common in communication, whichwere difficult to settle before, such as ID, privacy protection,information security, good faith transaction, border invasion and cyberfraud.

In conclusion, the present invention is summarized as follows:

The present invention provides a technology for achieving the consistentand unique identification and authentication of cyber and physical spaceentities by extracting various physical or virtual, user's intrinsic andobjective property information (user parameter, dynamic parameter,static parameter, client parameter, connection parameter and cloudparameter) from the cyber world in cyber space (CS), and a geneticdigital ID (cyber ID) method based on the 3×3 parameter matrix in cyberspace. The method consists of the acquisition of cyber entity structureinformation, generation process of cyber ID as well as the analysis,validation and identification processes of cyber ID. Anything that is inaccordance with the above principle and business process and takes thefollowing methods or thoughts belongs to the scope of this patent.

A method is disclosed to create a trusted and unique identity for anetwork entity from its intrinsic properties. The properties are basedon the network entity's client, connection and cloud protocol stacks.The static and dynamic properties and the combination order of thoseprotocol stacks make up the system the trusted identity is based upon.

1) Cyber Genetic Information Extraction and Cyber ID Generation Process

Cyber ID is determined by the relational structure amongst themulti-dimensional ID matrix elements. The ID sequence and matrixelements are generated by the 3×3 grid matrix that is built by userparameters, dynamic parameters, static parameters, client parameters,connection parameters and cloud parameters in accordance with specificmapping rules. The structural information of cyber ID originates fromthe data relations of five properties of “cyber property, serviceproperty, behavioral property, content property and security property”on the intrinsic and inherent service of the entity in cyber space. Thearray that defines the individual characteristics of the user or logicobject and doesn't vary with time and space on the static parameterdimension is, for example, the automobile acts as the inherentparameter, including VIN, engine No., sales of manufacturers, initialmileage of sales and so on; the people act as the inherent informationparameter, including user ID information, social relation information,resume and so on; cyber information parameter include the cyber type,DPI, cyber Facilities used in communication, IP address, roamingproperty and so on. The array that defines the user on dynamic parameterdimension is, for example, (user name, command) pair, password, servicecyber facilities (such as Proxy, Email) and so on. The array thatdefines and reflects the users' behavioral characteristics on the userparameter dimension is, for example, consumption behavior, action path,cyber addiction, etc. It is required to define the client parameterarray from the angle of system and from the client layer. For example,the client property information indicates that the user belongs to whichscope of objects or which kind of users. It is required to define theconnection parameter array from the cyber layer, including the cybertype, access facility, position and other cyber information. It is alsorequired to define the cloud parameter array from the service layer toindicate the type of user service and service demand, etc. All thesesystem property parameters contain the information in all aspects of thenetwork. The transmission application and the information is objective.

As for the multi-dimensional matrix in the form of a 3×3 grid that iscreated based on these objective information, its rows consists of threedimensional vectors of user parameters, dynamic parameters and staticparameters, and columns consists of three dimensional vectors of clientparameters, connection parameters and cloud parameters. The parameter ofeach dimension contains various elements that describe the parameter andrelationships among elements and relational structure. In such cases,even some of the metadata changes, the relational structure will not.Therefore, it is a composite data entity that contains a large amount ofinherent information and self-characteristics. According to thecharacteristics of different clients and/or users, the value of elementin each scope can be real values (indicated by Boolean, relation,collection, array, data or arbitral data) or “null value”. Themulti-dimensional arrays formed in such ways will be stored in the cloudserver of the service end through the encryption and exchange. Theclient or user may upload his/her own dynamic parameter to the cloudserver in real time online to change and synchronize the parameter inthe multi-dimensional array in real time. As long as the relationalstructures among the key parameters do not change, the change of dynamicinformation will not affect its original data structure, and thus, thedigital signature will not be changed. However, the “digital DNA” willbe changed gradually. By making use of such a characteristic, thepresent invention is able to create the algorithms of trusted ID andtrusted ID recognition.

2) Cyber ID Recognition Process

Any user in the physical world, whether a human user or machine, canupload their own key parameter information in the 3×3 parameter matrixto the cloud server in real time. The information is sufficient and thecloud server handles user parameters, dynamic parameters, staticparameters, client parameters, connection parameters and cloudparameters in all dimensions for the uploaded data based on the demandsof application (anti-counterfeiting, encryption, authentication,financial transactions, etc.), forming a list of all attributes andrestoring all property relationships. And then it is required to rebuildpart of the multi-dimensional sub-matrix based on the list. Thesub-matrix is one sub-matrix of the multi-dimensional matrix that formsthe cyber ID and it can be of sparse type. It is important to comparethe sampling sub-matrix formed with the multi-dimensional matrix that isformed in the entire 3×3 parameter matrix and stored in the cloud serverfocusing on the structural data relation under the principles of sixdegrees of segmentation and Scale Free Rules. It is determined throughthe comparison that, if the sampling sub-matrix fits with the ID arraythat is formed through the 3×3 parameter matrix and stored in the cloudserver in FIG. 1 on enough (sufficient and necessary) key structuralinformation, that is, the data in multi-dimensional matrix, datastructure or the relation among data fits, then the output result ofdetermination is that the identity is either matched, or the identityisn't matched. In this way, the unique identity recognition process iscompleted. The entire process requires that the information collected issufficient and can reflect the features and characteristics of theentity in all aspects with high fidelity.

Characteristics of cyber ID sequence produced by the method involved inthe present invention include:

1) Objectivity and Follows Natural Standard

The scope of this patent includes the adoption of limited relationalinformation and data structure that are implied in the invariablestructure between the inherent information and information of the CPentity as the entity identification (we call it as cyber DNA ID, orcyber ID for short), and corresponding implementation techniques andmethods.

The user parameters, dynamic parameters, static parameters, clientparameters, connection parameters and cloud parameters that form thecyber ID contain necessary information that can embody and describe thecyber entity on the network path and the information are used in thebasic communication, PIM (Personal Information Manager), communicationfacility, resource service facility, dynamic cache (dynamic data) andservice platforms. In cyber spaces, these information parameters areobjective. And the arrays and data that are constituted by theseobjective and natural information are also objective. For example, theparameters that come from the cyber consensus or defaulted parametersthat are composed of user network mode, VPN (virtual private network)and QOS (quality of service), access information and positioninformation are also parameters existed rather than artificially definedsubjective parameters. Based on these objective parameters and theextraction of their relations, the cyber ID that is constituted throughthe exchange has a stable and sole ability of representing the userproperties. The arrays that are composed of these parameters have theorthogonal property and are sole and objective and they are also unique.All property elements contained in the cyber ID structure are mappingsfrom the physical information space without any artificial intervention.Therefore, the cyber ID is objective.

The client, connection and cloud (C³) parameters objectively exist inthe protocol stack during the information communication process, andthey are also the combinations of all the information communicationbehaviors. The information communication process and scope of any cyberentity in the cyber space can only be within the scope of C³ and itsassembly. The metadata that is extracted at different time fromdifferent parameters or built by sampling is also natural and objective.As for the specified cyber entity, its “functional value” (data and itsstructural relation in array) is verified as unchangeable. And theobjective cyber ID is composed of these genetic variables and naturalparameters.

2) Uniqueness

Cyber ID can be regarded as a combination of intrinsic and objectiveproperties of an information entity. Mathematically, it is a functionintegrating various metadata and features, metadata combination,combinational relationships, data structure properties and keyproperties of different time stamps and space stamps of a silicon-basedorganism (the general term of various electronic chip devices withintelligent control mechanism). Information of all these functions isderived from the organism's natural existence. The structural relationsof data are unique (because the multi-dimensional identification isadopted and the principle of six degrees of segmentation is abided by),therefore, no two entities are identical. The uniqueness also enhancesthe anti-interference capacity of ID system, since false positiveverification will not occur due to matching properties on singlecriteria.

3) Security

The security of cyber ID is determined by unique ID functions and matrixtransformations. Due to the uniqueness of cyber ID, it is impossible tospeculate different 6-degree relation sequences, and it is alsouncertain to choose which six degrees. They have different time andspace stamps. The combinational elements here are the “client,connection and cloud” protocol stack, and all metadata of the cyberentity are derived from C³. But the complexity of determining thequantity and order of metadata and the randomness of selecting 6 from Nexceeds even 256-bit RSA encryption. At the same time, the cyber IDsequence can only obtain the same transformation matrix in the targetuser under the condition that it has the information on the user's ownverified and matched cyber ID. For non-target user or business, such IDcan't be identified, and it is unknown and unavailable. Therefore,forced authorization is impossible.

Therefore, the cyber ID-based encryption is safe for both the users andbusinesses, and it guarantees the security of information communicationand exchange.

The cyber ID has the unique and objective features similar to biologicalDNA, and different clients and businesses have different ID sequencestructures (structural relation features)—a gene code. Only the users orbusinesses that have their own gene code can have an access to the cyberresources, which are unknown and unavailable to the outside world andcan't be separated from the entity. Just like no one can authorize theirown biometric data for other people to use.

4) Privacy

The uniqueness and security of the cyber gene can't be authorized, whichis different from password or other forms. It can not be transferred,copied or plagiarized, thus having advantages in protecting the privacy,as what is said, “My information is in my hand”.

The information included in the cyber ID is self-information, and therecovery and verification of ID can only be obtained by users under theconditions of self-existence. It is not some known or definedmulti-dimensional code. Based on such objective, portable and uniquecyber ID, users can use their own information only when they are theirtrue self. Only then are they allowed to proceed to use thoseinformation for application purposes.

Other users or business cannot identify the cyber ID of the non-targetclient since they have different transformation structures, and thetarget client has the freedom to accept or reject sharing services withsuch non-target client. Different types of businesses can be integratedvia the cloud computing means to cooperatively complete different tasks.At the same time, such process is invisible and shielded to the client.Therefore, with the cyber ID-based objective, unique and safeidentification, the business end can perceive the user's behaviors andenvironment to achieve exclusivity, and also better protect the user'sprivate information.

The objectiveness, uniqueness, security and privacy of cyber ID areintertwined with each other. Objectiveness is a basis for realizing theuniqueness feature, because the uniqueness of cyber ID depends on theobjectiveness and natural standard of data collected from the physicalworld. The objectiveness and uniqueness also determine the security ofID. These three features also determine the inseparability between IDand the user, i.e. the intrinsic privacy protection feature.

5) Trustworthiness

Cyber ID is obtained by extracting the information and metadata of theknown C³ protocol stack sequence. A unique, multi-dimensional andobjective information array can be constructed by means of the user'sintrinsic basic communication information, PIM information,communication facility information, resource information, dynamic cacheinformation and user behavior information.

The trustworthiness and reliability of Cyber ID are derived frompreviously mentioned objectiveness, uniqueness, security, privacy andaccompanying and also from the non- mutability of the relationalstructure and objective data. In addition, based on various informationsecurity algorithms available, the user's cyber DNA can be rapidlyobtained and then compared by means of the mathematical modeling, datamining and cluster analysis, mode identification, new internettechnology and cloud computing technology. This process of generatingand using cyber DNA is also a trustworthy technology.

6) Solution Completeness (Sufficiency and Necessity)

The cyber gene ID is a subset of the information set of a cyber entitywithin the scope of C³ (client, connection and cloud protocol stack)that covers the user information, dynamic information and staticinformation of the user or cyber entity. Any trusted and self IDinformation and metadata must fall within such scope. Therefore, theexpression of the 3×3 parameter matrix is sufficient. In cyber space,any information involving the exchange and communication is certainlyfrom the protocol stack of some entity, because the network space isconsisted of a lot of protocol stacks and protocol stack sequences, withthe information flows between and inside the protocol stacks. The cybergene model is a set of the abstract client, connection and cloudprotocol stack. Therefore, it is a complete set, which is both necessaryand sufficient.

In addition, for any cyber ID to remain trustworthy and unique, it mustconform to the features of objectiveness, uniqueness, addressability,security and privacy. Thus these features are also necessary.Information of all functions, such as the metadata set, “siliconorganism” feature metadata, structural relations of data, and optimizedinformation of different time and space scales, are all objective, andthe “function value” will not change according to the data source andcombination conditions. Therefore, the multi-dimensional vectorconstructed by such method may uniquely and fully identify the users.

In summary, the present invention comprises the following disclosures:

A Cyber Identification (ID) system that achieves fully secure, uniqueand consistent identification and authentication of entities within aCyber-Physical Space (CPS), the aforementioned system comprising:

-   -   a) A form of identification based on intrinsic properties of the        aforementioned CPS entity,    -   b) Subsystem of the aforementioned CPS entity described by a        combination of six properties including client, connection,        cloud, user, static and dynamic properties, based on network        theories and cyberspace structures,    -   c) Subsystem constructed from parameters of the aforementioned        CPS entity: user parameters, dynamic parameters, static        parameters, client parameters, connection parameters and cloud        parameters, wherein the aforementioned parameters are unique to        the aforementioned entity, much like biological DNA and thus        impossible to counterfeit,    -   d) An identification unit composed of the aforementioned        properties of the aforementioned CPS entity's hardware,        communication protocol stacks, client level software and        relationships wherein no two separate the aforementioned CPS        entities can have the exact same the aforementioned        identification unit,    -   e) An operation pattern for the aforementioned CPS entity        remaining relatively consistent and without significant change        to the aforementioned CPS entity's hardware or network protocol        stack,    -   f) A combination of intrinsic and objective properties of an        information entity that is a function integrating various        metadata and features, metadata combination, combinational        relationships, data structure properties and key properties of        different time stamps and space stamps of a silicon-based        organism which is the general term of various electronic chip        devices with intelligent control mechanism, wherein information        of the aforementioned functions is derived from the        aforementioned organism's natural existence,    -   g) A security unit of the aforementioned Cyber IDs determined by        unique identification (ID) functions and matrix transformations,        which is largely related to an uniqueness of the aforementioned        Cyber ID and a method of the aforementioned Cyber ID generation        to ensure user and business privacy,    -   h) A complete CPS entity identification subsystem which is a        subset of information set of a network entity within scope of C³        (client, connection and cloud) protocol stack that cover user        information, dynamic information and static information of a        cyber entity, and can fully and uniquely identify the        aforementioned CPS entities and serve as a standalone        identification protocol, and    -   i) A unique structural relationship of data wherein a        multi-dimensional identification is adopted and a principle of        six degrees of separation is abided by to ensure no two entities        are identical.

The aforementioned Cyber ID includes adoption of limited relationalinformation and data structure that are implied in the invariablestructure of inherent information of the aforementioned CPS entity as anentity identification, further comprising:

-   -   a) The aforementioned client, connection and cloud (C³)        parameters objectively existing in a protocol stack during        information communication process, and also in combination of        all information communication behaviors, wherein the        aforementioned information communication process and scope of        any the aforementioned CPS entity in a cyber space can only be        within scopes of the aforementioned C³ and its assembly, and the        aforementioned metadata extracted at different time from        different parameters or built by sampling is also natural and        objective, and the aforementioned objective Cyber ID is composed        of the aforementioned genetic variables and natural parameters,        and    -   b) The aforementioned user parameters, dynamic parameters,        static parameters, client parameters, connection parameters and        cloud parameters used to generate the aforementioned Cyber ID        containing necessary information that can embody and describe        the aforementioned CPS entity on network path and the        aforementioned information used in basic communication, PIM        (Personal Information Manager), communication facility, resource        service facility, dynamic cache (dynamic data), user behavior        information and service platforms, wherein in the aforementioned        cyber spaces, the aforementioned information parameters are        objective, and arrays and data constituted by the aforementioned        objective and natural information are also objective.

The aforementioned Cyber ID has a stable and sole ability ofrepresenting user properties, and the aforementioned arrays composed ofthe aforementioned parameters have an orthogonal property and are sole,objective and also unique.

The aforementioned property elements contained in the aforementionedCyber ID structure are mappings from physical information space withoutany artificial intervention, and therefore the aforementioned Cyber IDis objective.

The aforementioned Cyber ID can be obtained by extracting theaforementioned information and the aforementioned metadata of theaforementioned C³ protocol stack sequence.

The aforementioned Cyber ID can also be obtained and compared by meansof mathematical modeling, data mining and cluster analysis, modeidentification, new Internet technology and cloud computing technologyin the aforementioned CPS entity.

The aforementioned metadata of the aforementioned CPS entity are derivedfrom the aforementioned C³ protocol stack, and the complexity ofdetermining quantity and order of the aforementioned metadata and therandomness of selecting six from N exceeds even a 256-bit RSA (by Ron,Shamir and Adleman at MIT) encryption.

The aforementioned Cyber ID sequence can only be obtained by the sametransformation matrix in a target user with information of user's ownverified and matched the aforementioned Cyber ID

The aforementioned Cyber ID model is a set of abstract client,connection and cloud protocol stacks.

The aforementioned information entity containing the aforementionedmetadata, the aforementioned silicon organism, the aforementioned datastructure and optimized information of the aforementioned different timeand space stamps, are all objective, and will not change according todata source and combination conditions.

The aforementioned C³ protocol stack can be integrated into traditionalnetwork protocol stack.

A method to generate a unique Cyber ID (Identification) for any objectswithin a Cyber-Physical Space (CPS), the aforementioned methodcomprising:

-   -   a) The aforementioned Cyber ID determined by a relational        structure amongst multi-dimensional ID (identification) matrix        elements generated by a 3×3 matrix built by specific mapping        rules and user parameters, dynamic parameters, static        parameters, client parameters, connection parameters, and cloud        parameters extracted from a cyber entity,    -   b) Columns of the aforementioned 3×3 identity matrix consisted        of client parameters, connection parameters and cloud        parameters, and rows of the aforementioned matrix consisted of        user parameters, dynamic parameters and static parameters,        wherein the aforementioned relationship data is stored within        the aforementioned 3×3 matrix for different types of parameters,    -   c) Choosing parameters from the aforementioned 3×3 matrix which        is relatively unique to the aforementioned cyber entity, and        also has relatively unique relations of its various attributes        to construct an internal structure relationship diagram for the        aforementioned cyber entity optimized for searching and        identification using six-degrees of separation principal,    -   d) Structural information of the aforementioned Cyber ID        originating from data relationship of network properties,        service properties, behavioral properties, content properties        and security properties of the aforementioned cyber entity, and        the aforementioned structural relationship data being a crucial        part to the aforementioned Cyber ID which reinforces the        aforementioned Cyber ID's capability of uniquely identifying the        aforementioned cyber entities,    -   e) The aforementioned Cyber ID possessing a high degree of        privacy and security guarantee due to multiplicity of composing        data and relations, complexity of structural data and        non-symmetrical information,    -   f) The aforementioned 3×3 parameter matrix of the aforementioned        cyber entity used to generate a unique and secure the        aforementioned Cyber ID by using specific mapping and        transformation rules based on principal of        Six-degrees-of-Segmentation, and being practically impossible to        brute force matrix transformation combination due to vast number        of possible combinations of metadata, wherein the aforementioned        transformation sequence has security level exceeds even that of        256-bit RSA (by Ron, Shamir and Adleman at MIT) encryption, and    -   g) Generated the aforementioned Cyber ID be paired with the        aforementioned entity and be stored in a cloud server for future        references, identification and authorization purposes.

The aforementioned multiple parameters of same the aforementioned cyberentity contain same intrinsic structural relationship to ensureresulting the aforementioned Cyber IDs consistent and valid throughoutlife cycle of the aforementioned cyber entity.

The aforementioned Cyber ID is generated from intrinsic properties ofthe aforementioned cyber entity and always valid and usable despitechanges on network cloud even though comparison or generation algorithmmay vary.

The aforementioned structural information of the aforementioned Cyber IDcontains self-information, and only users under the conditions ofself-existence can perform recovery and verification of theaforementioned Cyber ID.

The aforementioned Six-degrees-of-Segmentation comprises algorithmrandomly choosing six out of many metadata and relationships from theaforementioned 3×3 parameter matrix.

A method to recognize, match and authenticate a Cyber ID(identification) to achieve identification and authentication of aCyber-Physical Space (CPS) entities, the aforementioned methodcomprising:

-   -   a) Any users in physical world, whether human or machine, being        able to upload own key parameter information in the form of a        3×3 parameter matrix to a cloud server in real-time,    -   b) The aforementioned cloud server forming a list of all        attributes and restoring partially key parameter relationships        of the aforementioned entity from the aforementioned uploaded        3×3 parameter matrix,    -   c) The aforementioned cloud server building a multi-dimensional        sub-matrix from the aforementioned parameters collected, and        this re-build process utilizing a stored matrix transformation        sequence of the aforementioned CPS entity, wherein the        aforementioned resulting sub-matrix will then be compared to the        aforementioned original 3×3 parameter matrix of the        aforementioned entity stored in the aforementioned cloud server,        and the aforementioned comparison will be focused on structural        data relationships under principles of six degrees of separation        and Scale Free Rules, with results returned as either positive        or negative,    -   d) Performing multiple iterations of generation and comparison        to ensure validity of identification, and each iteration        following above same procedure, and    -   e) Speed of recognition subject to quality and effectiveness of        information contained in the aforementioned sub-matrix.

The aforementioned Cyber ID can not be authenticated to non-targetclients since they have different transformation structures, and atarget client has full freedom to accept or reject sharing services withthe aforementioned non-target client.

The aforementioned cloud server can be a mobile wireless cloud server ineither mobile networks or wireless access networks.

The above specification and claims, as well as the ideas and logicprocess, specific operation and implementation concept constitute thecore of this patent and the overall scope of claims.

The system and method of the present invention are not meant to belimited to the aforementioned experiment, and the subsequent specificdescription utilization and explanation of certain characteristicspreviously recited as being characteristics of this experiment are notintended to be limited to such techniques.

Many modifications and other embodiments of the present invention setforth herein will come to mind to one ordinary skilled in the art towhich the present invention pertains having the benefit of the teachingspresented in the foregoing descriptions. Therefore, it is to beunderstood that the present invention is not to be limited to thespecific examples of the embodiments disclosed and that modifications,variations, changes and other embodiments are intended to be includedwithin the scope of the appended claims. Although specific terms areemployed herein, they are used in a generic and descriptive sense onlyand not for purposes of limitation.

What is claimed:
 1. A method to generate and recognize a unique Cyber ID(Identification) for any objects within a Cyber-Physical Space (CPS),said method comprising: a) Said Cyber ID determined by a relationalstructure amongst multi-dimensional ID (identification) matrix elementsgenerated by a 3×3 matrix built by specific mapping rules and userparameters, dynamic parameters, static parameters, client parameters,connection parameters, and cloud parameters extracted from a CPS entity,b) Columns of said 3×3 identity matrix consisted of client parameters,connection parameters and cloud parameters, and rows of said matrixconsisted of user parameters, dynamic parameters and static parameters,wherein said relationship data is stored within said 3×3 matrix fordifferent types of parameters, c) Choosing parameters from said 3×3matrix which is relatively unique to said cyber entity, and also hasrelatively unique relations of its various attributes to construct aninternal structure relationship diagram for said cyber entity optimizedfor searching and identification using six-degrees of separationprincipal, d) Structural information of said Cyber ID originating fromdata relationship of network properties, service properties, behavioralproperties, content properties and security properties of said cyberentity, and said structural relationship data being a crucial part tosaid Cyber ID which reinforces said Cyber ID's capability of uniquelyidentifying said cyber entities, e) Said Cyber ID possessing a highdegree of privacy and security guarantee due to multiplicity ofcomposing data and relations, complexity of structural data andnon-symmetrical information, f) Said 3×3 parameter matrix of said cyberentity used to generate a unique and secure said Cyber ID by usingspecific mapping and transformation rules based on principal ofSix-degrees-of-Segmentation, and being practically impossible to bruteforce matrix transformation combination due to vast number of possiblecombinations of metadata, wherein said transformation sequence hassecurity level exceeds even that of 256-bit RSA (by Ron, Shamir andAdleman at MIT) encryption, g) Generated said Cyber ID be paired withsaid entity and be stored in a cloud server for future references,identification and authorization purposes, and h) Said Cyber ID to berecognized, matched and authenticated.
 2. The method as recited in claim1, wherein said Cyber ID to be recognized, matched and authenticated toachieve identification and authentication of CPS entities, said methodcomprising: a) Any users in physical world, whether human or machine,being able to upload own key parameter information in the form of a 3×3parameter matrix to a cloud server in real-time, b) Said cloud serverforming a list of all attributes and restoring partially key parameterrelationships of said entity from said uploaded 3×3 parameter matrix, c)Said cloud server building a multi-dimensional sub-matrix from saidparameters collected, and this re-build process utilizing a storedmatrix transformation sequence of CPS entity, wherein said resultingsub-matrix will then be compared to said original 3×3 parameter matrixof said entity stored in said cloud server, and said comparison will befocused on structural data relationships under principles of six degreesof separation and Scale Free Rules, with results returned as eitherpositive or negative, d) Performing multiple iterations of generationand comparison to ensure validity of identification, and each iterationfollowing above same procedure, and e) Speed of recognition subject toquality and effectiveness of information contained in said sub-matrix.3. The method as recited in claim 1, wherein said multiple parameters ofsame said cyber entity contain same intrinsic structural relationship toensure resulting said Cyber IDs consistent and valid throughout lifecycle of said cyber entity.
 4. The method as recited in claim 1, whereinsaid Cyber ID is generated from intrinsic properties of said cyberentity and always valid and usable despite changes on network cloud eventhough comparison or generation algorithm may vary.
 5. The method asrecited in claim 1, wherein said structural information of said Cyber IDcontains self-information, and only users under the conditions ofself-existence can perform recovery and verification of said Cyber ID.6. The method as recited in claim 1, wherein saidSix-degrees-of-Segmentation comprises algorithm randomly choosing sixout of many metadata and relationships from said 3×3 parameter matrix.7. The method as recited in claim 2, wherein said Cyber ID can not beauthenticated to non-target clients since they have differenttransformation structures, and a target client has full freedom toaccept or reject sharing services with said non-target client.
 8. Themethod as recited in claim 2, wherein said cloud server can be a mobilewireless cloud server in either mobile networks or wireless accessnetworks.
 9. The method as recited in claim 1, wherein said Cyber ID hasa stable and sole ability of representing user properties wherein saidproperties' elements contained in said Cyber ID structure are mappingsfrom physical information space without any artificial intervention, andtherefore said Cyber ID is objective.
 10. The method as recited in claim1, wherein said Cyber ID can be obtained and compared by means ofmathematical modeling, data mining and cluster analysis, modeidentification, new Internet technology and cloud computing technologyin said CPS entity.
 11. The method as recited in claim 1, whereinsequence of said Cyber ID can only be obtained by the sametransformation matrix in a target user with information of user's ownverified and matched said Cyber ID.
 12. The method as recited in claim1, wherein said Cyber ID model is a set of abstract client, connectionand cloud protocol stacks.
 13. The method as recited in claim 2, whereinsaid key parameter information containing metadata, silicon organism,data structure and optimized information of different time and spacestamps, is objective, and will not change according to data source andcombination conditions.
 14. The method as recited in claim 1, whereinparameter value of each dimensionality of said 3×3 matrix may be Booleanvalue, data set, data structure, relation and their combination.
 15. Themethod as recited in claim 1, wherein any said CPS entity may upload itsdynamic parameters to said cloud server through real time onlinefunction to modify, change and synchronize corresponding parameters insaid 3×3 matrix in a real time manner.
 16. The method as recited inclaim 15, wherein as long as relational structures among said parametersdo not change, the change of dynamic information will not affect itsoriginal data structure, and thus, digital signature will not bechanged, but said Cyber ID will be changed gradually so that algorithmsof trusted ID and trusted ID recognition can be created.
 17. The methodas recited in claim 15, wherein said parameters in uploaded data by saidCPS entity are based on demands of application such asanti-counterfeiting, encryption, authentication or financialtransactions, forming a list of all attributes and restoring allproperty relationships, then rebuilding part of multi-dimensionalsub-matrix of said 3×3 matrix based on said list wherein said sub-matrixis one sub-matrix of said 3×3 matrix that forms said Cyber ID and it canbe of sparse type.
 18. The method as recited in claim 1, whereinprotocol stack based on said client parameters, connection parametersand cloud parameters can be integrated into traditional network protocolstack.
 19. The method as recited in claim 1, wherein security of saidCyber ID is determined by unique ID functions and matrixtransformations, and it is impossible to speculate different six-degreerelation sequences, with different time and space stamps.
 20. The methodas recited in claim 1, wherein information included in said Cyber ID isself-information, and recovery and verification of said Cyber ID canonly be obtained by users themselves because each said Cyber ID has adifferent transformation structure, and therefore, with said CyberID-based objective, unique and safe identification, user's privateinformation is fully protected.